Privacy & speed vs security

Discussion in 'Computer Security' started by Marco Maier, Jul 26, 2004.

  1. Marco Maier

    Marco Maier Guest

    Hi! Sorry for my English.
    I'm using a firewall that uses intrusion detection systems. I can filter
    any packet (in or out ) that I want but, if the communication is encrypted
    or compressed it is virtually impossible. A simple example:
    I can't filter google pages based on content unless I disable http 1.1 because
    the outgoing http 1.1 header accepts gzip.
    Is it possible that privacy (encrypted communication) and speed (gzipped
    content or compressed content) is against security? In the future
    I think that many clients will use encrypted communication.
    Is this a security risk?
     
    Marco Maier, Jul 26, 2004
    #1
    1. Advertising

  2. Marco Maier

    Marco Maier Guest


    > I think you misunderstand: encryption should include an acceptance by *both*
    > ends of the link that the other party is valid (e.g. SSL and certificates)


    I have in mind p2p clients that support encryption.I can't filter what I want.
     
    Marco Maier, Jul 26, 2004
    #2
    1. Advertising

  3. "Marco Maier" <> wrote in message
    news:QL3Nc.43211$...
    > Hi! Sorry for my English.
    > I'm using a firewall that uses intrusion detection systems. I can filter
    > any packet (in or out ) that I want but, if the communication is

    encrypted
    > or compressed it is virtually impossible. A simple example:
    > I can't filter google pages based on content unless I disable http 1.1

    because
    > the outgoing http 1.1 header accepts gzip.
    > Is it possible that privacy (encrypted communication) and speed (gzipped
    > content or compressed content) is against security? In the future
    > I think that many clients will use encrypted communication.
    > Is this a security risk?


    I think you misunderstand: encryption should include an acceptance by *both*
    ends of the link that the other party is valid (e.g. SSL and certificates)

    Anything else is, well, pointless.

    Don't worry too much about compression - IIRC (and stand to be corrected)
    it's been there since at least HTTP 0.9 and is largely unsupported. I looked
    at before I wrote NETcruncher..

    --

    Hairy One Kenobi

    Disclaimer: the opinions expressed in this opinion do not necessarily
    reflect the opinions of the highly-opinionated person expressing the opinion
    in the first place. So there!
     
    Hairy One Kenobi, Jul 26, 2004
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. a.metselaar

    speed speed speed

    a.metselaar, Dec 28, 2003, in forum: Computer Support
    Replies:
    14
    Views:
    1,020
    BuffNET Tech Support - MichaelJ
    Dec 30, 2003
  2. MjrTom
    Replies:
    3
    Views:
    609
    Toolman Tim
    May 1, 2004
  3. Patty Amas
    Replies:
    5
    Views:
    3,231
    Patty Amas
    Nov 5, 2004
  4. NewB

    privacy/security violation at google

    NewB, May 18, 2005, in forum: Computer Support
    Replies:
    11
    Views:
    666
    gangle
    May 18, 2005
  5. Lord Shaolin

    Book Review - Wireless Security and Privacy

    Lord Shaolin, Oct 10, 2003, in forum: Computer Security
    Replies:
    0
    Views:
    435
    Lord Shaolin
    Oct 10, 2003
Loading...

Share This Page